Azure-docs: Add an SPClaimMapping to support Azure AD groups

Created on 20 Feb 2019  Â·  6Comments  Â·  Source: MicrosoftDocs/azure-docs

In the section "Configure SharePoint on-premises Single Sign-On", the script to create the new SPTrustedIdentityTokenIssuer, should have an additional mapping to support security groups. The following worked for me:
$map5 = New-SPClaimTypeMapping -IncomingClaimType "http://schemas.microsoft.com/ws/2008/06/identity/claims/role" -IncomingClaimTypeDisplayName "Group" -SameAsIncoming

Adding this mapping allows group lookups through AzureCP.

Document Details

⚠ Do not edit this section. It is required for docs.microsoft.com ➟ GitHub issue linking.

assigned-to-author azure-active-directorsvc doc-enhancement triaged
Source
picture joshtransient

All 6 comments

@joshtransient Thanks for the feedback! We are currently investigating and will update you shortly.

BryanTrach-MSFT picture BryanTrach-MSFT on 21 Feb 2019
👍1

@joshtransient Thanks for the feedback ! I have assigned this issue to content author to investigate and update the document as appropriate.

SaurabhSharma-MSFT picture SaurabhSharma-MSFT on 22 Feb 2019
👍1

Code in the example looks like it was updated to add $map5, but last line does not add $map5 in the -ClaimsMapping argument.

joshtransient picture joshtransient on 31 Mar 2019

@chetansriv Yes we missed it in the last line for adding the map5 variable. So please add that here.

jeevansd picture jeevansd on 2 Apr 2019

@joshtransient This is complete now, please review

chetansriv picture chetansriv on 26 Apr 2019
👍1

please-close

chetansriv picture chetansriv on 26 Apr 2019
👍1
Was this page helpful?
0 / 5 - 0 ratings

Related issues

behnam89 picture behnam89  Â·  3Comments
monteledwards picture monteledwards  Â·  3Comments
JamesDLD picture JamesDLD  Â·  3Comments
mrdfuse picture mrdfuse  Â·  3Comments
paulmarshall picture paulmarshall  Â·  3Comments